<?php 
$user	= htmlentities(isset($_POST["username"])?$_POST["username"]:"",ENT_QUOTES);
$psd	= htmlentities(isset($_POST["password1"])?$_POST["password1"]:"",ENT_QUOTES);
$psd2	= htmlentities(isset($_POST["password2"])?$_POST["password2"]:"",ENT_QUOTES);
$no	= htmlentities(isset($_POST["no"])?$_POST["no"]:"",ENT_QUOTES);
$email	= htmlentities(isset($_POST["email"])?$_POST["email"]:"",ENT_QUOTES);
$err="";
if($psd==$psd2)
{
   if($user && $psd && $psd2 && $no && $email)
   {
      include "mysql.inc.php";
      include "user.inc.php";
      $sql="select * from user where NAME='$user' limit 1";
      $m=new CMySQL($dbserver,$dbuser,$dbpsd,$dbname);
      $users=$m->DoQuery($sql);
      if(count($users)==0)
      {
         $sql="insert into user values(NULL,'$user','".md5($psd)."','$no','$email')";
         $m->DoQueryNoReturn($sql);

         if($m->GetErrorNo()==0)
            header("Location:login.php");
      }
      else
      {
         $err="Username $user is already existed.";
      }
   }
   else $err="Please fill in the form completely.";
}
else $err="The passwords you entered are not the same.";
?>
<form action=register.php method=POST>
<table width="381" border="1" align="center">
  <tr>
    <th colspan="3" scope="col">Register</th>
  </tr>
  <tr>
    <th width="183" scope="row">USERNAME</th>
    <td width="168"><input type="text" name="username" id="username" value="<?php echo $user;?>"/></td>
    <td width="8">*</td>
  </tr>
  <tr>
    <th scope="row">PASSWORD</th>
    <td><input type="password" name="password1" id="password1" /></td>
    <td>*</td>
  </tr>
  <tr>
    <th scope="row">PASSWORD CONFIRM</th>
    <td><input type="password" name="password2" id="password2" /></td>
    <td>*</td>
  </tr>
  <tr>
    <th scope="row">SCHOOL No.</th>
    <td><input type="text" name="no" id="no"  value="<?php echo $no;?>"/></td>
    <td>*</td>
  </tr>
  <tr>
    <th scope="row">EMAIL</th>
    <td><input type="text" name="email" id="email" value="<?php echo $email;?>" /></td>
    <td>*</td>
  </tr>
  <tr>
    <th colspan=3><font color=red><?php echo $err;?></font></th>
  </tr>
  <tr>
    <th colspan="3" scope="row"><input type="submit" name="button2" id="button2" /></th>
  </tr>
</table>
</form>
